14 DAY TRIAL // Administrators of the Horry County school district (South Carolina, US) have agreed to make a $8,500 / €7,600 payment to get rid of a ransomware infection that has affected the school's servers.
The ransomware took root during the past week, on Monday, February 8, and affected 25 servers that stored information for Horry County elementary schools, WBTW reports.
Immediately after school employees noticed problems accessing their data, its IT personnel took down all servers to prevent the ransomware from spreading to more computers. Shutting down the servers affected the school's online services.
Ransomware asked for 20 Bitcoin
School officials discovered that the ransomware asked 0.8 Bitcoin per computer, for a total of 20 Bitcoin. The school's IT staff said the ransomware penetrated their network through an older server running outdated equipment.
Local South Carolina law enforcement and the FBI were brought in to investigate, but as in many similar cases, they could do little to help.
After spending countless hours trying to find a way around the ransomware's encryption, and failing, the school's administration has approved Monday, February 15, a payment that would cover the ransom demand.
Local newspapers reported that the school had troubles making the payment in the beginning because the sum needed to be converted in Bitcoin, something for which legal papers were needed.
Everything is now up and running
At the time of this article, the school's website is up and running, meaning that the payment went through and the school received the decryption keys that allowed them to recover their files and return their network online.
Coincidentally, when the ransomware incident happened, the school's administration was looking into hiring an outside security provider.
About the same time this was happening on the East Coast, a similar, more high-profile incident was in full swing on the West Coast. On the same day, February 15, the Hollywood Presbyterian Medical Center in Los Angeles approved a $17,000 payment to free its IT network of a ransomware infection that almost shut its operations in the previous week.